Process firewalls: Protecting processes during resource access

Proceedings of the 8th ACM European Conference on Computer Systems, EuroSys 2013

Volumn , Issue , 2013, Pages 57-70

  Vijayakumar, Hayawardh ^a   Schiffman, Joshua ^b   Jaeger, Trent ^a  

^a PENNSYLVANIA STATE UNIVERSITY   (United States)

^b ADVANCED MICRO DEVICES   (United States)

Author keywords

protection; resource access attacks

Indexed keywords

INTERNAL STATE; KERNEL MECHANISM; NAME RESOLUTION; NETWORK FIREWALLS; PROGRAM MODIFICATIONS; PROGRAM PERFORMANCE; PROTECTION; RESOURCE ACCESS;

COMPUTER OPERATING SYSTEMS;

COMPUTER SYSTEM FIREWALLS;

EID: 84877716990     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2465351.2465358     Document Type: Conference Paper

References (47)

1. audit2allow. http://fedoraproject.org/wiki/SELinux/audit2allow.
2. Apache Performance Tuning. http://httpd.apache.org/docs/2.2/misc/perf- tuning.html#symlinks, 2012.
3. J. P. Anderson. Computer Security Technology Planning Study, Volume II. Technical Report ESD-TR-73-51, AFSC, October 1972.
4. D. Balzarotti, M. Cova, V. Felmetsger, N. Jovanovic, E. Kirda, C. Kruegel, and G. Vigna. Saner: Composing static and dynamic analysis to validate sanitization in web applications. In IEEE SSP, 2008.
5. M. Bishop and M. Digler. Checking for race conditions in file accesses. Computer Systems, 9(2), Spring 1996.
6. N. Borisov, R. Johnson, N. Sastry, and D. Wagner. Fixing races for fun and profit: How to abuse atime. In USENIX Security '06, 2005.
7. X. Cai, Y. Gui, and R. Johnson. Exploiting Unix File-System Races via Algorithmic Complexity Attacks. In IEEE SSP, 2009.
8. S. Chari, S. Halevi, and W. Venema. Where Do You Want to Go Today? Escalating Privileges by Pathname Manipulation. In NDSS '10, 2010.
9. H. Chen, J. Yu, R. Chen, B. Zang, and P. chung Yew. POLUS: A POwerful live updating system. In 29th Intl Conf. on Software Engineering, pages 271-281, 2007.
10. W. R. Cheswick and S. M. Bellovin. Firewalls and Internet security: repelling the wily hacker. Addison-Wesley Longman, 1994.
11. C. Cowan, S. Beattie, C. Wright, and G. Kroah-hartman. Raceguard: Kernel protection from temporary file race vulnerabilities. In USENIX SSYM, 2001.
12. Cryogenic-Sleep. Symlinks and Cryogenic Sleep. http://seclists.org/ bugtraq/2000/Jan/16, 2000.
13. CVE. Common vulnerabilities and exposures. http://cve.mitre.org/, 2012.
14. CWE. Common weakness enumeration. http://cwe.mitre.org/, 2012.
15. CWE-22. Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'). http://cwe.mitre.org/data/definitions/22.html, 2012.
16. David S. Peterson and Matt Bishop and Raju P. A flexible containment mechanism for executing untrusted code. In USENIX Security, 2002.
17. D. Dean and A. Hu. Fixing races for fun and profit. In USENIX Security, 2004.
18. H. H. Feng, J. T. Giffin, Y. Huang, S. Jha, W. Lee, and B. P. Miller. Formalizing sensitivity in static analysis for intrusion detection. In IEEE SSP '04, 2004.
19. S. Forrest, S. A. Hofmeyr, A. Somayaji, and T. A. Longstaff. A sense of self for Unix processes. In IEEE SSP '96, 1996.
20. T. Garfinkel. Traps and pitfalls: Practical problems in in system call interposition based security tools. In NDSS, 2003.
21. T. Garfinkel, B. Pfaff, and M. Rosenblum. Ostia: A delegating architecture for secure system call interposition. In NDSS, 2004.
22. J. T. Giffin, D. Dagon, S. Jha, W. Lee, and B. P. Miller. Environment-sensitive intrusion detection. In RAID '06, 2006.
23. I. Goldberg, D. Wagner, R. Thomas, and E. A. Brewer. A secure environment for untrusted helper applications. In USENIX Security '96, 1996.
24. T. Jaeger, R. Sailer, and X. Zhang. Analyzing Integrity Protection in the SELinux Example Policy. In USENIX Security, 2003.
25. T. Jaeger, A. Edwards, and X. Zhang. Consistency analysis of authorization hook placement in the Linux security modules framework. ACM Trans. Inf. Syst. Secur., 2004.
26. M. Krohn, A. Yip, M. Brodsky, N. Cliffer, M. Frans, K. Eddie, and K. R. Morris. Information flow control for standard OS abstractions. In SOSP, 2007.
27. H. M. Levy. Capability-based Computer Systems. Digital Press, 1984.
28. W. S. McPhee. Operating system integrity in OS/VS2. IBM Syst. J., 1974.
29. B. Niu and G. Tan. Enforcing user-space privilege separation with declarative architectures. In ACM STC, 2012.
30. Novell. AppArmor Linux Application Security. http://www.novell.com/linux/ security/apparmor/.
31. NSA. SELinux, 2012. http://www.nsa.gov/selinux.
32. J. Olsa. LKML: kernel: backtrace unwind support. https://lkml.org/lkml/ 2012/2/10/129, 2012.
33. M. Payer, T. Hartmann, and T. R. Gross. Safe loading - a foundation for secure execution of untrusted programs. In IEEE S&P, 2012.
34. N. Provos. Improving host security with system call policies. In USENIX Security, 2003.
35. N. Provos, M. Friedl, and P. Honeyman. Preventing privilege escalation. In USENIX Security, 2003.
36. J. Saltzer and M. Schroeder. The protection of information in computer systems. Proceedings of the IEEE, 1975.
37. R. Sekar, M. Bendre, D. Dhurjati, and P. Bollineni. A fast automaton-based method for detecting anomalous program behaviors. In IEEE SS&P '01, 2001.
38. R. Sekar, V. Venkatakrishnan, S. Basu, S. Bhatkar, and D. C. DuVarney. Model-carrying code: a practical approach for safe execution of untrusted applications. In SOSP '03, 2003.
39. D. Tsafrir, T. Hertz, D. Wagner, and D. Da Silva. Portably solving file TOCTTOU races with hardness amplification. In USENIX FAST, 2008.
40. H. Vijayakumar, G. Jakka, S. Rueda, J. Schiffman, and T. Jaeger. Integrity walls: Finding attack surfaces from mandatory access control policies. In ASIACCS, 2012.
41. H. Vijayakumar, J. Schiffman, and T. Jaeger. STING: Finding Name Resolution Vulnerabilities in Programs. In USENIX Security, 2012.
42. D. Wagner. Mimicry attacks on host-based intrusion detection systems. In Proceedings of the 9th ACM CCS, 2002.
43. R. N. M. Watson, J. Anderson, B. Laurie, and K. Kennaway. Capsicum: practical capabilities for UNIX. In USENIX Security, 2010.
44. J. Wei and C. Pu. Modeling and preventing TOCTTOU vulnerabilities in Unix-style file systems. Computers & Security, 2010.
45. C. Wright, C. Cowan, and J. Morris. Linux security modules: General security support for the Linux kernel. In USENIX Security, 2002.
46. N. Zeldovich, S. Boyd-Wickizer, E. Kohler, and D. Mazières. Making information flow explicit in HiStar. In OSDI, 2006.
47. X. Zhang, A. Edwards, and T. Jaeger. Using CQUAL for static analysis of authorization hook placement. In USENIX Security, 2002.